zgaetano/datarhei-dragonfork-core
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases 4 Packages Wiki Activity Actions
datarhei-dragonfork-core/deploy/truenas
History
Zac Gaetano 45f39a9132
Some checks failed
ci / vet + build (push) Successful in 9m49s
Details
ci / race tests (push) Failing after 8m1s
Details
ci / WebRTC smoke (5-viewer fanout) (push) Successful in 9m46s
Details
ci / WebRTC latency p95 gate (push) Successful in 10m5s
Details
deploy: ship a Dragon Fork landing page at / (fixes root 404) 
A clean post-merge deploy showed an unintended UX wart: hitting
http://<host>:<port>/ in a browser returned 404 'File not found'
because Core's static-disk handler serves /core/data and we never
put anything there. Functionally fine — the API and Swagger are
reachable on /api and /api/swagger — but a confusing first
impression for a brand-new operator.

Fix is deploy-side, not code-side: ship a small landing page +
the existing test/whep-player.html as default content for the data
volume.

Pieces:
  deploy/truenas/core/static/
    index.html         — Dragon Fork-branded landing page; links
                         to Swagger and the WHEP player; live
                         /api status panel.
    whep-player.html   — same self-contained Pion subscriber that
                         lives at test/whep-player.html.
  deploy/truenas/core/seed-data.sh
    First-boot script. Copies /core/static/* into /core/data/
    only when the destination filename doesn't already exist —
    operator-supplied content is never clobbered, so this is a
    safe addition that respects upstream's contract that
    /core/data is operator-owned.
  deploy/truenas/core/Dockerfile
    COPYs the static dir and seed script into the runtime image,
    wraps the entrypoint as 'seed-data.sh && exec run.sh' (run.sh
    itself is unchanged from upstream).

Image size impact: ~15KB.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 12:44:04 +00:00
..
core deploy: ship a Dragon Fork landing page at / (fixes root 404) 2026-05-03 12:44:04 +00:00
docker-compose.yml feat(webrtc): add -rtp-host flag + TrueNAS Docker deploy 2026-04-17 09:05:37 -04:00
README.md feat(webrtc): add -rtp-host flag + TrueNAS Docker deploy 2026-04-17 09:05:37 -04:00

README.md

TrueNAS deploy — WebRTC PoC (M1)

Host-networked Docker stack that runs cmd/webrtc-poc on TrueNAS for manual end-to-end testing. Not wired into the Core binary.

Prereqs

  • Docker on the TrueNAS host (TrueNAS SCALE includes it)
  • LAN or public IP that clients can reach
  • One free TCP port (WHEP) and one free UDP port (RTP ingest)

One-time setup

# On TrueNAS:
sudo mkdir -p /mnt/NVME/Docker/dragonfork-webrtc-poc
cd /mnt/NVME/Docker/dragonfork-webrtc-poc

# Copy the repo's deploy/truenas/docker-compose.yml in here, and the
# whole repo (or just cmd/ + core/ + go.mod + vendor/) somewhere the
# Dockerfile build context can see. Simplest: clone the repo adjacent
# and symlink docker-compose.yml, or point `context:` at the clone.

cat > .env <<EOF
WHEP_PORT=45121
RTP_PORT=49248
STREAM_ID=test
PUBLIC_IP=10.0.0.25
EOF

Run

docker compose up -d --build
docker compose logs -f

You should see:

listening for RTP on 127.0.0.1:49248   # or 0.0.0.0:49248 on real deploy
WHEP listening on :45121 — POST /whep/test to subscribe

Verify from another host on the LAN

curl -i -X GET http://10.0.0.25:45121/whep/test   # → 405 (POST only)
curl -i -X POST http://10.0.0.25:45121/whep/nope  # → 404 (stream not found)

For a real end-to-end check, point the repo's test/publish.sh at 10.0.0.25 49248 and the whep-client at http://10.0.0.25:45121/whep/test.

Teardown

docker compose down

Security notes

  • WHEP is served plain HTTP. Put nginx-proxy-manager or Caddy in front for TLS — but note that WHEP itself is fine over HTTPS; the real media is DTLS-SRTP-encrypted regardless.
  • No auth in M1. Anyone who can reach the port can subscribe. M3 adds a token check.
  • The binary runs as PID 1 in scratch — no shell, no package manager, no privilege escalation path. Exit codes only.